Lucene search

4143 matches found

ALT Linux
added 2007/12/10 12:0 a.m., 28 views

Security fix for the ALT Linux 5 package samba version 3.0.28-alt1

Dec. 10, 2007 Alexander Bokovoy 3.0.28-alt1 - Fixed: + CVE-2007-6015: Specifically crafted GETDC mailslot requests can trigger a boundary error in the domain controller GETDC mail slot support which can be remotely exploited to execute arbitrary code. + fix error path in local...

9.3 CVSS, 6.2 AI score, 0.27482 EPSS
Exploits 1

CVE
added 2007/11/20 8:0 p.m., 55 views

CVE-2007-6051

CVE-2007-6051 concerns IBM DB2 UDB 9.1 before Fixpak 4, where privileges are assigned to the DB2ADMNS and DB2USERS groups in an incorrect way. The sources confirm the affected product and version but state the impact is unknown and that vendor descriptions are too vague to determine if it is secu...

10 CVSS, 6.3 AI score, 0.01541 EPSS
Exploits 0, References 5, Affected Software 1

Packet Storm
added 2007/10/29 12:0 a.m., 22 views

teatro-rfi.txt

teatro 1.6 Remote File Include Vulnerability Download script : http://telemat.die.unifi.it/book/2003/Telematica-II/teatro-1.6.tgz Discovered by : Alkomandoz Hacker Contact : [email protected] ...

7.4 AI score
Exploits 0

Prion
added 2007/10/19 11:17 p.m., 17 views

Authentication flaw

The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions...

4.3 CVSS, 6.7 AI score, 0.01451 EPSS
Exploits 0, References 7, Affected Software 1

UbuntuCve
added 2007/10/19 11:17 p.m., 22 views

CVE-2007-5597

The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions...

4.3 CVSS, 5.9 AI score, 0.01451 EPSS
Exploits 0, References 1

Cvelist
added 2007/10/19 11:0 p.m., 25 views

CVE-2007-5597

The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions...

6.3 AI score, 0.01451 EPSS
Exploits 0, References 7

Drupal
added 2007/10/17 12:0 a.m., 17 views

SA-2007-030 - Drupal Core - API handling of unpublished comment.

The publication status of comments is not passed during the hook_comments API operation, causing various modules that rely on the publication status such as Organic groups, or Subscriptions to mail out unpublished comments. Versions affected: Drupal 4.7.x before version 4.7.8; Drupal 5.x before...

7.1 AI score
Exploits 0, References 5

Tenable Nessus
added 2007/10/17 12:0 a.m., 36 views

openSUSE 10 Security Update : samba (samba-1830)

Prevent potential crash in winbindd's credential cache handling; 184450. - Fix memory exhaustion DoS; CVE-2006-3403; 190468. - Fix the munlock call, samba.org svn rev r16755 from Volker. - Change the kerberos principal for LDAP authentication to netbios-name$@realm from host/name@realm; 184450. -...

5 CVSS, 8.1 AI score, 0.05503 EPSS
Exploits 1, References 1

NVD
added 2007/07/11 5:30 p.m., 20 views

CVE-2007-3690

The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments...

7.8 CVSS, 6.7 AI score, 0.01784 EPSS
Exploits 0, References 8

Prion
added 2007/07/11 5:30 p.m., 14 views

Design/Logic Flaw

The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments...

7.8 CVSS, 7.2 AI score, 0.01784 EPSS
Exploits 0, References 8, Affected Software 1

Drupal
added 2007/07/09 12:0 a.m., 20 views

Print - Access bypass

Print is a module that allows site administrators to produce a "print friendly" version of a posting. By manipulating URL arguments, authenticated and anonymous users are able to access posts that should have been restricted by a node access module such as Organic Groups, Taxonomy Access Control,...

6.9 AI score
Exploits 0, References 4

Atlassian
added 2007/05/18 6:7 p.m., 17 views

Assign Groups to Project Role screen allows entry of users as groups

When assigning groups to a project role, the screen allows the user to specify a group that is really a user name...

2.5 AI score
Exploits 0, Affected Software 1

Atlassian
added 2007/05/18 6:7 p.m., 20 views

Assign Groups to Project Role screen allows entry of users as groups

When assigning groups to a project role, the screen allows the user to specify a group that is really a user name...

2.5 AI score
Exploits 0

Cvelist
added 2007/04/27 4:0 p.m., 28 views

CVE-2007-2339

Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow remote attackers to execute arbitrary SQL commands via (1) a modified recipients parameter name in (a) pm.php; (2) the curr parameter to the (b) badwords (aka censorlist) or (c) banlist module in admin.php; or (3) the "Edit groups / Add group...

8.5 AI score, 0.01872 EPSS
Exploits 1, References 12

exploitpack
added 2007/04/23 12:0 a.m., 10 views

Phorum 5.1.20 - admin.php?module[] Full Path Disclosure

Phorum 5.1.20 - admin.php?module[] Full Path Disclosure. Source: https://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting...

7.4 AI score
Exploits 0

Exploit DB
added 2007/04/13 12:0 a.m., 33 views

Ettercap-NG 0.7.3 - Remote Denial of Service

/ WARNING WARNING WARNING THIS PACKAGE CONTAINS AN 0DAY. NO ONE CAN BE HELD RESPONSIBLE IF THIS CODE RAPES YOUR SISTER OR MOLESTS YOUR DOG. WARNING WARNING WARNING THE ONE PACKET ETTERCAP KILLER NOW IN A SMALLER PACKAGE! If you want to know how this works then figure it out yourself. Tested with...

7 AI score
Exploits 0

Prion
added 2007/04/10 11:19 p.m., 20 views

Information disclosure

The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague...

5 CVSS, 6.6 AI score, 0.138 EPSS
Exploits 2, References 7, Affected Software 1

0day.today
added 2007/03/21 12:0 a.m., 20 views

Mambo Component nfnaddressbook 0.4 Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications. Mambo Component nfnaddressbook 0.4 Remote File Inclusion Vulnerability. MAMBO & Joomla NFN Address...

7.1 AI score
Exploits 0

exploitpack
added 2007/03/21 12:0 a.m., 25 views

Mambo Component nfnaddressbook 0.4 - Remote File Inclusion

Mambo Component nfnaddressbook 0.4 - Remote File Inclusion MAMBO & Joomla NFN Address Book v0.4 nfnaddressbook.php Remote File Include Vulnerabilities script : http://mamboxchange.com/frs/download.php/8191/comnfnaddressbook.zip About : The NFN Address Book manages lists of contacts that can be...

Exploits 0

Exploit DB
added 2007/03/21 12:0 a.m., 35 views

Mambo Component nfnaddressbook 0.4 - Remote File Inclusion

MAMBO & Joomla NFN Address Book v0.4 nfnaddressbook.php Remote File Include Vulnerabilities script : http://mamboxchange.com/frs/download.php/8191/comnfnaddressbook.zip About : The NFN Address Book manages lists of contacts that can be split into groups and allows for hiding of private contacts...

7.4 AI score
Exploits 0